﻿using Heima.OA.Common;
using Heima.OA.IBLL;
using Heima.OA.Model;
using Spring.Context;
using Spring.Context.Support;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace Heima.OA.UI.Portal.Controllers
{
    public class BaseController : Controller
    {
        public bool IsCheckUserLogin = true;
        protected short delflagNormal = (short)Heima.OA.Model.DelFlagEnum.Normal;
        public UserInfo LoginUser { get; set; }
        public UserRight CurUserRight { get; set; }

        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            #region 测试 取消登录校验

            //return;
            #endregion

            if (IsCheckUserLogin)
            {
                //校验用户是否已经登录
                if (Request.Cookies["userLoginId"] == null)
                {
                    //filterContext.HttpContext.Response.Redirect("/UserLogin/Index");
                    Common.LogHelper.WriteLog("用户登录校验失败!" + Request.Url.AbsolutePath+ Request.HttpMethod);
                    JsonMessage msg = JsonHandler.CreateMessage((int)MsgTypeEnum.错误, "用户登录校验失败!");
                    Response.Write(JsonHandler.ToJson(msg));
                    Response.End();
                    return;
                }
                string userGuid = Request.Cookies["userLoginId"].Value;
                UserInfo userInfo = Common.CacheHelper.GetCache(userGuid) as UserInfo;
                if (userInfo == null)
                {
                    //用户长时间不操作超时
                    //filterContext.HttpContext.Response.Redirect("/UserLogin/Index");
                    JsonMessage msg = JsonHandler.CreateMessage((int)MsgTypeEnum.错误, "长时间未操作，用户重新登录!");
                    Response.Write(JsonHandler.ToJson(msg));
                    Response.End();
                    return;
                }
                UserRight userRight = Common.CacheHelper.GetCache(userInfo.Id.ToString()) as UserRight;
                LoginUser = userInfo;
                CurUserRight = userRight;
                //滑动窗口机制
                Common.CacheHelper.SetCache(userGuid, userInfo, DateTime.Now.AddHours(4));
                Common.CacheHelper.SetCache(userInfo.Id.ToString(), CurUserRight, DateTime.Now.AddHours(4));

                #region 校验权限
                //校验权限
                //当前请求对应的权限数据拿到
                if (LoginUser.UName.ToLower() == "admin")
                {
                    return;
                }
                string url = Request.Url.AbsolutePath;
                string httpMethod = Request.HttpMethod.ToLower();
                //通过容器获取服务
                IApplicationContext ctx = ContextRegistry.GetContext();
                IActionInfoService actionInfoService = ctx.GetObject("ActionInfoService") as IActionInfoService;
                IR_UserInfo_ActionInfoService rUserInfoActionInfoService = ctx.GetObject("R_UserInfo_ActionInfoService") as IR_UserInfo_ActionInfoService;
                IUserInfoService userInfoService = ctx.GetObject("UserInfoService") as IUserInfoService;

                var actionInfo = actionInfoService.GetEntities(a => a.Url.ToLower() == url && a.HttpMethod.ToLower() == httpMethod).FirstOrDefault();
                if (actionInfo == null)
                {
                    //返回错误
                    JsonMessage msg = JsonHandler.CreateMessage((int)MsgTypeEnum.错误, "当前访问权限不存在!");
                    Response.Write(JsonHandler.ToJson(msg));
                    Response.End();
                    return;
                }
                var rUAs = rUserInfoActionInfoService.GetEntities(u => u.UserInfoId == LoginUser.Id);
                var item = (from a in rUAs
                            where a.ActionInfoId == actionInfo.Id
                            select a).FirstOrDefault();
                if (item != null)
                {
                    if (item.HasPermission == 1)
                    {
                        return;
                    }
                    else
                    {
                        //拒绝访问 当前访问的页面
                        JsonMessage msg = JsonHandler.CreateMessage((int)MsgTypeEnum.错误, "用户当前访问权限被拒绝!");
                        Response.Write(JsonHandler.ToJson(msg));
                        Response.End();
                        return;
                    }
                }
                var user = userInfoService.GetEntities(u => u.Id == LoginUser.Id).FirstOrDefault();
                var allRoles = from r in user.RoleInfo
                               select r;
                var actions = from r in allRoles
                              from a in r.ActionInfo
                              select a;
                var temp = (from a in actions
                            where a.Id == actionInfo.Id
                            select a).Count();
                if (temp < 1)
                {
                    //返回错误
                    JsonMessage msg = JsonHandler.CreateMessage((int)MsgTypeEnum.错误, "用户没有当前访问权限的权限!");
                    Response.Write(JsonHandler.ToJson(msg));
                    Response.End();
                    return;
                } 
                #endregion

            }
    
        }

    }
}